Unlike custom, registry, and memory rules, script rules do not specify an action. They function primarily to include files in a category already subject to tracking and action rules in App Control. Each policy has two Advanced Settings that specify how script files are controlled on computers in that policy:
- Block unanalyzed scripts and executables:
- This setting determines whether scripts and executables not yet analyzed by App Control are blocked (for example, in cases where initialization has not yet completed on a computer). It also provides a menu and links through which you can change or disable the notifier that appears if such files are blocked.
- Block unapproved scripts:
- This setting determines whether execution of scripts whose file state is Unapproved is blocked on computers with High or Medium Enforcement. It also provides a menu and links through which you can change or disable the notifier that appears if such files are blocked.
Scripts are sometimes subject to the policy settings for executables instead of scripts. See Shell Scripts Identified by Content for more details.
Note:
RELATED TOPICS:
-
See Advanced Setting Behavior for information on script-specific settings in policies.
-
See Endpoint Notifiers and Approval Requests for information on configuring notifiers for blocked scripts.